diff options
| author | Andrey Andreev <narf@devilix.net> | 2015-09-21 15:17:48 +0200 |
|---|---|---|
| committer | Andrey Andreev <narf@devilix.net> | 2015-09-21 15:17:48 +0200 |
| commit | 4fbf2d1a8e2b6d33e92f3f353b05388fd3229bd7 (patch) | |
| tree | 591cf443d0a498dd75f83f30595d13f53752c053 /system/core/Security.php | |
| parent | 088e57db3808f78ee89def94c6ce95b571a88427 (diff) | |
More XSS stuff
Diffstat (limited to 'system/core/Security.php')
| -rw-r--r-- | system/core/Security.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/system/core/Security.php b/system/core/Security.php index a30613386..0cae23a79 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -808,7 +808,7 @@ class CI_Security { .'([\s\042\047/=]*)' // non-attribute characters, excluding > (tag close) for obvious reasons .'(?<name>[^\s\042\047>/=]+)' // attribute characters // optional attribute-value - .'(?:\s*=\s*\042[^\042]+\042|\s*=\s*\047[^\047]+\047|\s*=\s*[^\s\042\047=><`]+)?' // attribute-value separator + .'(?:\s*=\s*\042[^\042]+\042|\s*=\s*\047[^\047]+\047|\s*=\s*[^\s\042\047=><`]*)?' // attribute-value separator .'#i'; if ($count = preg_match_all($pattern, $matches['attributes'], $attributes, PREG_SET_ORDER | PREG_OFFSET_CAPTURE)) @@ -861,7 +861,7 @@ class CI_Security { preg_replace( '#href=.*?(?:(?:alert|prompt|confirm)(?:\(|&\#40;)|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|<script|<xss|data\s*:)#si', '', - $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1])) + $this->_filter_attributes($match[1]) ), $match[0] ); @@ -889,7 +889,7 @@ class CI_Security { preg_replace( '#src=.*?(?:(?:alert|prompt|confirm|eval)(?:\(|&\#40;)|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|<script|<xss|base64\s*,)#si', '', - $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1])) + $this->_filter_attributes($match[1]) ), $match[0] ); |